We're in the same boat but I did get Packet-Filter installed. I guess you know by now you've got a lot of googling to do, and be sure to read all you can about Packet-Filter and do a forum search right here, mostly under OpenBSD. Then you get a good idea about how networking really works just by understanding pf. OpenBSD Packet-Filter RULES!

The version of OpenBSD's pf that was ported to FreeBSD/NetBSD is ancient, 4.0/4.2 era and lacks recent development.

It may indeed be better than whatever else is available for FreeBSD/NetBSD, but there have been some fundamental changes in configuration syntax with the recent releases of OpenBSD, especially around scrub/nat/rdr rules.

So if you're going to use OpenBSD's pf documentation, you may wish to grab an older PDF copy from here.

Peter N. M. Hansteen's Book of PF would still be helpful for FreeBSD/NetBSD users, and for smaller configurations his famous pf tutorial is still updated occasionally.

The FreeBSD/NetBSD folks need to stop referring to OpenBSD for their outdated fork of pf, as do users of those operating systems, as it's only going to frustrate them.

Otherwise, I completely agree with his analysis. Henning Brauer, the primary OpenBSD developer working on pf(4), has rearchitected much of its internals over several recent OpenBSD releases. These rapid changes have made it hard enough for the OpenBSD community to keep up; it must be virtually impossible for the other *BSD projects.

Syntax which may have been correct a few releases (of OpenBSD) ago will now create errors. I'm sure the converse is true too -- using the current OpenBSD pf(4) documentation on the older versions integrated into FreeBSD & NetBSD must be equally frustrating in creating viable rulesets.
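
The scrub/nat/rdr syntax difference discussed in this thread, shown side by side as an added example that is not part of any of the posts above. The interface name, macros and addresses are constructed; the newer form is the one OpenBSD adopted with the 4.7 release.

```conf
# Constructed sample ruleset; macro names and addresses are assumptions.
ext_if    = "em0"
localnet  = "192.168.1.0/24"
webserver = "192.168.1.10"

# --- Older syntax (the pf generation discussed above as ported) ---
# Normalization and translation are their own rule types and must
# appear before the filter rules.
scrub in all
nat on $ext_if from $localnet to any -> ($ext_if)
rdr on $ext_if proto tcp from any to any port 80 -> $webserver
# The filter rule sees the packet after rdr, so it matches the
# translated destination, not the external address.
pass in on $ext_if proto tcp from any to $webserver port 80

# --- Newer syntax (OpenBSD 4.7 and later), left commented out so this
# --- file still parses on the older pf ---
# Translation and normalization become options on match/pass rules;
# the standalone scrub, nat and rdr rule types are gone.
# match in all scrub (no-df)
# match out on $ext_if from $localnet nat-to ($ext_if)
# pass in on $ext_if proto tcp from any to any port 80 rdr-to $webserver

# Check a ruleset against the pf actually installed, without loading it:
#   pfctl -nf /etc/pf.conf
```

A ruleset copied from documentation for the other generation fails this parse step with a syntax error, which is safer to find with `-n` than while reloading a live firewall.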